Application security , Malware , Threat Intelligence Crypto stealing wallet apps proliferate in Apple App Store April 21, 2026 Share By SC Staff More than two dozen Apple App Store apps spoofing well-known cryptocurrency wallets Coinbase, Metamask, OneKey, and Trust Wallet, have been leveraged to pilfer seed phrases and cryptocurrency assets from Chinese users as part of the FakeWallet attack campaign that has been linked to the ongoing SparkKitty operation, reports BleepingComputer . Opening each of the 26 fraudulent crypto wallet apps, all of which have since been removed by Apple, diverts to phishing pages impersonating legitimate crypto service portals that trick targets into downloading malicious wallet apps through iOS provisioning profiles, a technique evident in the SparkKitty campaign, an analysis from Kaspersky researchers showed. Included in the trojanized apps were additional code enabling the mnemonic phrase interception, encryption, and exfiltration. Attackers could then harness the stolen phrases to drain wallets while making fund recovery impossible. While Chinese users were primarily subjected to the campaign, operators may opt to use the malware, which has no geographic restrictions, in global intrusions. Such a development comes after an illicit Ledger Live app on the Apple App Store was reported to have enabled the theft of $9.5 million worth of cryptocurrency from 50 macOS users . SC Staff Related Application security Over 130K users’ browser data siphoned by illicit TikTok downloader extensions SC Staff April 21, 2026 HackRead reports that over a dozen malicious TikTok downloader extensions have allowed the clandestine compromise of more than 130,000 users' Google Chrome- and Microsoft Edge-stored data as part of the StealTok campaign, which has been underway for more than a year. Security Operations Aikido Security launches Endpoint to secure AI development and mitigate supply chain attacks SC Staff April 21, 2026 Endpoint aims to provide enterprises with visibility and control over software packages, development environments, browser extensions, and AI tools integrated into modern software development. DevSecOps Vercel incident falls short of a supply chain attack — for now Steve Zurier April 20, 2026 Experts say Vercel case was a trust and authentication boundary failure, but not an attack on the level of SolarWinds. Related Events Cybercast Protecting Application User Data for Better Privacy, Governance, and Compliance On-Demand Event Cybercast The Next Evolution of Application Security: AI- Accelerated DevSecOps On-Demand Event Cybercast Scaling secure software in the age of AI: Turning intelligence into action On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Account Harvesting Adware Backdoor Browser DNS Spoofing Dictionary Attack Distributed Scans Google Hacking Morris Worm Password Cracking You can skip this ad in 5 seconds